// For flags

CVE-2007-0104

 

Severity Score

6.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

La especificación de Adobe PDF versión 1.3, implementada por (a) xpdf versión 3.0.1 parche 2, (b) kpdf en KDE anterior a versión 3.5.5, (c) poppler anterior a versión 0.5.4, y otros productos, permite a los atacantes remotos tener un impacto desconocido, posiblemente incluyendo la denegación de servicio (bucle infinito), ejecución de código arbitraria, o corrupción de memoria , por medio de un archivo PDF con un (1) diccionario de catálogo creado o (2) un atributo Pages creado que hace referencia a un nodo de árbol de páginas no válido.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-01-08 CVE Reserved
  • 2007-01-09 CVE Published
  • 2023-12-20 EPSS Updated
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-20: Improper Input Validation
CAPEC
References (34)
URL Date SRC
http://www.securityfocus.com/bid/21910 2024-08-07
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Xpdf
Search vendor "Xpdf"
Xpdf
Search vendor "Xpdf" for product "Xpdf"
3.0
Search vendor "Xpdf" for product "Xpdf" and version "3.0"
-
Affected
Xpdf
Search vendor "Xpdf"
Xpdf
Search vendor "Xpdf" for product "Xpdf"
3.0.1
Search vendor "Xpdf" for product "Xpdf" and version "3.0.1"
-
Affected
Xpdf
Search vendor "Xpdf"
Xpdf
Search vendor "Xpdf" for product "Xpdf"
3.0.1_pl1
Search vendor "Xpdf" for product "Xpdf" and version "3.0.1_pl1"
-
Affected
Xpdf
Search vendor "Xpdf"
Xpdf
Search vendor "Xpdf" for product "Xpdf"
3.0.1_pl2
Search vendor "Xpdf" for product "Xpdf" and version "3.0.1_pl2"
-
Affected
Xpdf
Search vendor "Xpdf"
Xpdf
Search vendor "Xpdf" for product "Xpdf"
3.0_pl2
Search vendor "Xpdf" for product "Xpdf" and version "3.0_pl2"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.2
Search vendor "Kde" for product "Kde" and version "3.2"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.2.1
Search vendor "Kde" for product "Kde" and version "3.2.1"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.2.2
Search vendor "Kde" for product "Kde" and version "3.2.2"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.2.3
Search vendor "Kde" for product "Kde" and version "3.2.3"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.3
Search vendor "Kde" for product "Kde" and version "3.3"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.3.1
Search vendor "Kde" for product "Kde" and version "3.3.1"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.3.2
Search vendor "Kde" for product "Kde" and version "3.3.2"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.4
Search vendor "Kde" for product "Kde" and version "3.4"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.4.1
Search vendor "Kde" for product "Kde" and version "3.4.1"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.4.2
Search vendor "Kde" for product "Kde" and version "3.4.2"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.4.3
Search vendor "Kde" for product "Kde" and version "3.4.3"
-
Affected
Kde
Search vendor "Kde"
Kde
Search vendor "Kde" for product "Kde"
3.5
Search vendor "Kde" for product "Kde" and version "3.5"
-
Affected